Phishing
"82% of breaches involved the Human Element, including Social Attacks, Errors and Misuse."
- Verizon 2020 Data Breach Investigations Report
Phishing is a common attack vector increasingly used by novice and advanced attackers gain access to systems and data. It is a simple and effective way to compromise an organisation, and is often the first step in a more complex attack.
Our approach emulates real-world threats and simulates real world threat actors to perform complex attack simulations or simply test how reactive your email filtering system is to malicious domains, emails and attachments.
This is a great way to test your security awareness training, and to identify any potential vulnerabilities in your security controls.
NOTE: This service can be combined with other services such as Password Auditing and Open Source Intelligence (OSINT) to provide a more holistic approach to testing your security policies, controls and exposure.
Resources
- Verizon 2022 Data Breach Investigations Report
- National Cyber Security Centre (NCSC) Phishing Defence Guidelines